ID CVE-2018-10897
Summary A directory traversal issue was found in reposync, a part of yum-utils, where reposync fails to sanitize paths in remote repository configuration files. If an attacker controls a repository, they may be able to copy files outside of the destination directory on the targeted system via path traversal. If reposync is running with heightened privileges on a targeted system, this flaw could potentially result in system compromise via the overwriting of critical system files. Version 1.1.31 and older are believed to be affected.
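An added illustration of the bug class in the summary, written for this page and not taken from yum-utils or from the upstream fix: reposync stores each package under the destination directory at the relative path the mirror advertises in primary.xml (`<location href="...">`), so a mirror that controls that string controls where the file lands. The sample metadata, the destination `/srv/mirror/base`, and the helper names are constructed for the example; the hardened check is a generic containment test, not the vendor patch. It also handles the percent-encoded and absolute-path variants that the CAPEC entries on this page describe.

```python
"""
Illustration for CVE-2018-10897 (constructed; not yum-utils code).

A naive 'join destdir + href' lets a hostile mirror write outside destdir.
safe_local_path() shows the containment check that closes the hole.
"""
import os
import xml.etree.ElementTree as ET
from urllib.parse import unquote

NS = "{http://linux.duke.edu/metadata/common}"

# Constructed sample of the relevant part of a primary.xml. Only the first
# entry is what a legitimate repository would serve.
PRIMARY_XML = """<?xml version="1.0" encoding="UTF-8"?>
<metadata xmlns="http://linux.duke.edu/metadata/common" packages="5">
  <package type="rpm"><name>good</name>
    <location href="Packages/g/good-1.0-1.noarch.rpm"/></package>
  <package type="rpm"><name>dotdot</name>
    <location href="../../../etc/cron.d/evil"/></package>
  <package type="rpm"><name>absolute</name>
    <location href="/etc/cron.d/evil"/></package>
  <package type="rpm"><name>encoded</name>
    <location href="..%2F..%2F..%2Fetc%2Fcron.d%2Fevil"/></package>
  <package type="rpm"><name>sibling</name>
    <location href="../base2/x.rpm"/></package>
</metadata>
"""


class PathTraversal(ValueError):
    """Raised when a repository-supplied path would leave the destination."""


def package_hrefs(xml_text):
    """Yield (package name, location href) pairs from primary.xml text."""
    root = ET.fromstring(xml_text)
    for pkg in root.iter(NS + "package"):
        yield pkg.find(NS + "name").text, pkg.find(NS + "location").get("href")


def naive_local_path(destdir, href):
    """
    The vulnerable pattern: trust the href and join it onto destdir.
    os.path.join() discards destdir entirely when href is absolute, and
    normpath() resolves '..' right out of the tree.
    """
    return os.path.normpath(os.path.join(destdir, href))


def safe_local_path(destdir, href):
    """
    Hardened version: decode once (hrefs are URL path components), refuse
    absolute paths, canonicalize, then require the result to be inside
    destdir. commonpath() rather than startswith() is used so that
    '/srv/mirror/base2' is not accepted as lying under '/srv/mirror/base'.
    """
    rel = unquote(href)
    if rel.startswith(("/", "\\")):
        raise PathTraversal("absolute href: %r" % href)
    base = os.path.realpath(destdir)
    candidate = os.path.realpath(os.path.join(base, rel))
    if os.path.commonpath([base, candidate]) != base:
        raise PathTraversal("href escapes %s: %r" % (destdir, href))
    return candidate


def audit(destdir, xml_text):
    """Classify every href as ('ok', local path) or ('rejected', reason)."""
    verdicts = {}
    for name, href in package_hrefs(xml_text):
        try:
            verdicts[name] = ("ok", safe_local_path(destdir, href))
        except PathTraversal as exc:
            verdicts[name] = ("rejected", str(exc))
    return verdicts


if __name__ == "__main__":
    for name, href in package_hrefs(PRIMARY_XML):
        print("%-9s naive -> %s" % (name, naive_local_path("/srv/mirror/base", href)))
    for name, verdict in audit("/srv/mirror/base", PRIMARY_XML).items():
        print("%-9s safe  -> %s" % (name, verdict))
```

Run with `python3`: the naive column shows the `dotdot` and `absolute` entries landing in `/etc/cron.d/`, which is the "overwriting of critical system files" outcome the summary warns about when reposync runs as root; the safe column rejects all four hostile entries and keeps only `good`. The `encoded` entry is the reason to validate after decoding, not before: as a raw string it looks like a harmless filename.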
References
Vulnerable Configurations
  • yum-utils 1.1.31 (rpm-software-management project)
    cpe:2.3:a:rpm-software-management_project:yum-utils:1.1.31
  • Red Hat Virtualization 4.0
    cpe:2.3:a:redhat:virtualization:4.0
  • Red Hat Enterprise Linux Desktop 6.0
    cpe:2.3:o:redhat:enterprise_linux_desktop:6.0
  • Red Hat Enterprise Linux Desktop 7.0
    cpe:2.3:o:redhat:enterprise_linux_desktop:7.0
  • Red Hat Enterprise Linux Server 6.0
    cpe:2.3:o:redhat:enterprise_linux_server:6.0
  • Red Hat Enterprise Linux Server 7.0
    cpe:2.3:o:redhat:enterprise_linux_server:7.0
  • Red Hat Enterprise Linux Workstation 6.0
    cpe:2.3:o:redhat:enterprise_linux_workstation:6.0
  • Red Hat Enterprise Linux Workstation 7.0
    cpe:2.3:o:redhat:enterprise_linux_workstation:7.0
CVSS
Base: 9.3
Impact:
Exploitability:
CWE CWE-22
CAPEC
  • Relative Path Traversal
    An attacker exploits a weakness in input validation on the target by supplying a specially constructed path utilizing dot and slash characters for the purpose of obtaining access to arbitrary files or resources. An attacker modifies a known path on the target in order to reach material that is not available through intended channels. These attacks normally involve adding additional path separators (/ or \) and/or dots (.), or encodings thereof, in various combinations in order to reach parent directories or entirely separate trees of the target's directory structure.
  • Directory Traversal
    An attacker with access to file system resources, either directly or via application logic, will use various file path specification or navigation mechanisms such as ".." in path strings and absolute paths to extend their range of access to inappropriate areas of the file system. The attacker attempts to either explore the file system for recon purposes or access directories and files that are intended to be restricted from their access. Exploring the file system can be achieved through constructing paths presented to directory listing programs, such as "ls" and "dir", or through specially crafted programs that attempt to explore the file system. The attacker engaging in this type of activity is searching for information that can be used later in a more exploitive attack. Access to restricted directories or files can be achieved through modification of path references utilized by system applications.
  • File System Function Injection, Content Based
    An attack of this type exploits the host's trust in executing remote content including binary files. The files are poisoned with a malicious payload (targeting the file systems accessible by the target software) by the attacker and may be passed through standard channels such as via email, and standard web content like PDF and multimedia files. The attacker exploits known vulnerabilities or handling routines in the target processes. Vulnerabilities of this type have been found in a wide variety of commercial applications from Microsoft Office to Adobe Acrobat and Apple Safari web browser. When the attacker knows the standard handling routines and can identify vulnerabilities and entry points they can be exploited by otherwise seemingly normal content. Once the attack is executed, the attackers' program can access relative directories such as C:\Program Files or other standard system directories to launch further attacks. In a worst case scenario, these programs are combined with other propagation logic and work as a virus.
  • Using Slashes and URL Encoding Combined to Bypass Validation Logic
    This attack targets the encoding of the URL combined with the encoding of the slash characters. An attacker can take advantage of the multiple ways of encoding a URL and abuse the interpretation of the URL. A URL may contain special characters that need special syntax handling in order to be interpreted. Special characters are represented using a percent character followed by two hex digits representing the octet code of the original character (%HEX-CODE). For instance, the US-ASCII space character would be represented as %20. This is often referred to as escaped encoding or percent-encoding. Since the server decodes the URL from the request, it may restrict access to some URL paths by validating and filtering the URL requests it receives. An attacker will try to craft a URL with a sequence of special characters which, once interpreted by the server, will be equivalent to a forbidden URL. It can be difficult to protect against this attack since the URL can contain other formats of encoding such as UTF-8 encoding, Unicode encoding, etc.
  • Manipulating Input to File System Calls
    An attacker manipulates inputs to the target software which the target software passes to file system calls in the OS. The goal is to gain access to, and perhaps modify, areas of the file system that the target software did not intend to be accessible.
  • Using Escaped Slashes in Alternate Encoding
    This attack targets the use of the backslash in alternate encoding. An attacker can provide a backslash as a leading character and cause a parser to believe that the next character is special. This is called an escape. Using that trick, the attacker tries to exploit alternate ways to encode the same character, which leads to filter problems and opens avenues to attack.
  • Using Slashes in Alternate Encoding
    This attack targets the encoding of the slash characters. An attacker would try to exploit common filtering problems related to the use of slash characters to gain access to resources on the target host. Directory-driven systems, such as file systems and databases, typically use the slash character to indicate traversal between directories or other container components. For murky historical reasons, PCs (and, as a result, Microsoft OSs) chose to use a backslash, whereas the UNIX world typically makes use of the forward slash. The result is that many MS-based systems are required to understand both forms of the slash. This gives the attacker many opportunities to discover and abuse a number of common filtering problems. The goal of this pattern is to discover server software that only applies filters to one version, but not the other.
nessus via4
  • NASL family Junos Local Security Checks
    NASL id JUNIPER_SPACE_JSA10917_184R1.NASL
    description According to its self-reported version number, the remote Junos Space version is 18.4.x prior to 18.4R1. It is, therefore, affected by multiple vulnerabilities : - An integer overflow issue exists in procps-ng. This is related to CVE-2018-1124. (CVE-2018-1126) - A directory traversal issue exists in reposync, a part of yum-utils, where reposync fails to sanitize paths in remote repository configuration files. If an attacker controls a repository, they may be able to copy files outside of the destination directory on the targeted system via path traversal. (CVE-2018-10897) - An integer overflow flaw was found in the Linux kernel's create_elf_tables() function. An unprivileged local user with access to a SUID binary could use this flaw to escalate their privileges on the system. (CVE-2018-14634) Additionally, Junos Space is affected by several other vulnerabilities, as noted in the vendor advisory. Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.
    last seen 2019-02-21
    modified 2019-01-10
    plugin id 121068
    published 2019-01-10
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=121068
    title Juniper Junos Space 18.4.x < 18.4R1 Multiple Vulnerabilities (JSA10917)
  • NASL family Scientific Linux Local Security Checks
    NASL id SL_20180730_YUM_UTILS_ON_SL6_X.NASL
    description Security Fix(es) : - yum-utils: reposync: improper path validation may lead to directory traversal (CVE-2018-10897)
    last seen 2019-02-21
    modified 2018-12-27
    plugin id 111496
    published 2018-08-02
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=111496
    title Scientific Linux Security Update : yum-utils on SL6.x (noarch)
  • NASL family Scientific Linux Local Security Checks
    NASL id SL_20180730_YUM_UTILS_ON_SL7_X.NASL
    description Security Fix(es) : - yum-utils: reposync: improper path validation may lead to directory traversal (CVE-2018-10897)
    last seen 2019-02-21
    modified 2018-12-27
    plugin id 111497
    published 2018-08-02
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=111497
    title Scientific Linux Security Update : yum-utils on SL7.x (noarch)
  • NASL family Amazon Linux Local Security Checks
    NASL id AL2_ALAS-2018-1063.NASL
    description A directory traversal issue was found in reposync, a part of yum-utils, where reposync fails to sanitize paths in remote repository configuration files. If an attacker controls a repository, they may be able to copy files outside of the destination directory on the targeted system via path traversal. If reposync is running with heightened privileges on a targeted system, this flaw could potentially result in system compromise via the overwriting of critical system files. (CVE-2018-10897)
    last seen 2019-02-21
    modified 2018-10-17
    plugin id 112088
    published 2018-08-24
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=112088
    title Amazon Linux 2 : yum-utils (ALAS-2018-1063)
  • NASL family Fedora Local Security Checks
    NASL id FEDORA_2019-1FCCEDE810.NASL
    description **createrepo_c** - Include file timestamp in repomd.xml to allow reproducing exact metadata as produced in the past - Support of zchunk **libcomps** **librepo** - Add zchunk support **libdnf** - Enhance modular solver to handle enabled and default module streams differently (RhBug:1648839) - Add support of wild cards for modules (RhBug:1644588) - Revert commit that adds best as default behavior **dnf** - Updated difference YUM vs. DNF for yum-updateonboot - Added new command ``dnf alias [options] [list|add|delete] [...]`` to allow the user to define and manage a list of aliases - Enhanced documentation - Unifying return codes for remove operations - [transaction] Make transaction content available for commands - Triggering transaction hooks if no transaction (RhBug:1650157) - Add hotfix packages to install pool (RhBug:1654738) - Report group operation in transaction table - [sack] Change algorithm to calculate rpmdb_version - Allow to enable modules that break default modules (RhBug:1648839) - Enhance documentation - API examples - Add --nobest option - Revert commit that adds best as default behavior **dnf-plugins-core** - [download] Do not download src without ``--source`` (RhBug:1666648) **dnf-plugins-extras** Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-22
    modified 2019-02-21
    plugin id 122354
    published 2019-02-21
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=122354
    title Fedora 29 : createrepo_c / dnf / dnf-plugins-core / dnf-plugins-extras / etc (2019-1fccede810)
  • NASL family Huawei Local Security Checks
    NASL id EULEROS_SA-2018-1349.NASL
    description According to the version of the yum-utils package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerability : - yum-utils: reposync: improper path validation may lead to directory traversal (CVE-2018-10897) Note that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2018-11-13
    plugin id 118437
    published 2018-10-26
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=118437
    title EulerOS Virtualization 2.5.0 : yum-utils (EulerOS-SA-2018-1349)
  • NASL family Red Hat Local Security Checks
    NASL id REDHAT-RHSA-2018-2284.NASL
    description An update for yum-utils is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. The yum-utils packages provide a collection of utilities and examples for the yum package manager to make yum easier and more powerful to use. Security Fix(es) : * yum-utils: reposync: improper path validation may lead to directory traversal (CVE-2018-10897) For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section. Red Hat would like to thank Jay Grizzard (Clover Network) and Aaron Levy (Clover Network) for reporting this issue.
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 111489
    published 2018-08-02
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=111489
    title RHEL 6 : yum-utils (RHSA-2018:2284)
  • NASL family Fedora Local Security Checks
    NASL id FEDORA_2018-357E8E07CE.NASL
    description Security fix for CVE-2018-10897 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2019-01-03
    plugin id 120345
    published 2019-01-03
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=120345
    title Fedora 29 : yum-utils (2018-357e8e07ce)
  • NASL family Huawei Local Security Checks
    NASL id EULEROS_SA-2018-1327.NASL
    description According to the version of the yum-utils package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerability : - yum-utils: reposync: improper path validation may lead to directory traversal (CVE-2018-10897) Note that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2018-11-13
    plugin id 118415
    published 2018-10-26
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=118415
    title EulerOS Virtualization 2.5.1 : yum-utils (EulerOS-SA-2018-1327)
  • NASL family Huawei Local Security Checks
    NASL id EULEROS_SA-2018-1319.NASL
    description According to the version of the yum-utils packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - yum-utils: reposync: improper path validation may lead to directory traversal (CVE-2018-10897) Note that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2018-11-13
    plugin id 117762
    published 2018-09-27
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=117762
    title EulerOS 2.0 SP2 : yum-utils (EulerOS-SA-2018-1319)
  • NASL family Fedora Local Security Checks
    NASL id FEDORA_2018-4F0089C995.NASL
    description Security fix for CVE-2018-10897 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2019-01-03
    plugin id 120412
    published 2019-01-03
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=120412
    title Fedora 28 : yum-utils (2018-4f0089c995)
  • NASL family Oracle Linux Local Security Checks
    NASL id ORACLELINUX_ELSA-2018-2285.NASL
    description From Red Hat Security Advisory 2018:2285 : An update for yum-utils is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. The yum-utils packages provide a collection of utilities and examples for the yum package manager to make yum easier and more powerful to use. Security Fix(es) : * yum-utils: reposync: improper path validation may lead to directory traversal (CVE-2018-10897) For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section. Red Hat would like to thank Jay Grizzard (Clover Network) and Aaron Levy (Clover Network) for reporting this issue.
    last seen 2019-02-21
    modified 2018-10-17
    plugin id 111483
    published 2018-08-02
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=111483
    title Oracle Linux 7 : yum-utils (ELSA-2018-2285)
  • NASL family Amazon Linux Local Security Checks
    NASL id ALA_ALAS-2018-1057.NASL
    description A directory traversal issue was found in reposync, a part of yum-utils, where reposync fails to sanitize paths in remote repository configuration files. If an attacker controls a repository, they may be able to copy files outside of the destination directory on the targeted system via path traversal. If reposync is running with heightened privileges on a targeted system, this flaw could potentially result in system compromise via the overwriting of critical system files.(CVE-2018-10897)
    last seen 2019-02-21
    modified 2018-10-17
    plugin id 111612
    published 2018-08-10
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=111612
    title Amazon Linux AMI : yum-utils (ALAS-2018-1057)
  • NASL family Huawei Local Security Checks
    NASL id EULEROS_SA-2018-1320.NASL
    description According to the version of the yum-utils packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - yum-utils: reposync: improper path validation may lead to directory traversal (CVE-2018-10897) Note that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2018-11-13
    plugin id 117763
    published 2018-09-27
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=117763
    title EulerOS 2.0 SP3 : yum-utils (EulerOS-SA-2018-1320)
  • NASL family CentOS Local Security Checks
    NASL id CENTOS_RHSA-2018-2284.NASL
    description An update for yum-utils is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. The yum-utils packages provide a collection of utilities and examples for the yum package manager to make yum easier and more powerful to use. Security Fix(es) : * yum-utils: reposync: improper path validation may lead to directory traversal (CVE-2018-10897) For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section. Red Hat would like to thank Jay Grizzard (Clover Network) and Aaron Levy (Clover Network) for reporting this issue.
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 111614
    published 2018-08-10
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=111614
    title CentOS 6 : yum-utils (CESA-2018:2284)
  • NASL family Red Hat Local Security Checks
    NASL id REDHAT-RHSA-2018-2285.NASL
    description An update for yum-utils is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. The yum-utils packages provide a collection of utilities and examples for the yum package manager to make yum easier and more powerful to use. Security Fix(es) : * yum-utils: reposync: improper path validation may lead to directory traversal (CVE-2018-10897) For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section. Red Hat would like to thank Jay Grizzard (Clover Network) and Aaron Levy (Clover Network) for reporting this issue.
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 111490
    published 2018-08-02
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=111490
    title RHEL 7 : yum-utils (RHSA-2018:2285)
  • NASL family CentOS Local Security Checks
    NASL id CENTOS_RHSA-2018-2285.NASL
    description An update for yum-utils is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. The yum-utils packages provide a collection of utilities and examples for the yum package manager to make yum easier and more powerful to use. Security Fix(es) : * yum-utils: reposync: improper path validation may lead to directory traversal (CVE-2018-10897) For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section. Red Hat would like to thank Jay Grizzard (Clover Network) and Aaron Levy (Clover Network) for reporting this issue.
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 111615
    published 2018-08-10
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=111615
    title CentOS 7 : yum-utils (CESA-2018:2285)
  • NASL family Red Hat Local Security Checks
    NASL id REDHAT-RHSA-2018-2626.NASL
    description An update for redhat-virtualization-host is now available for Red Hat Virtualization 4 for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. The redhat-virtualization-host packages provide the Red Hat Virtualization Host. These packages include redhat-release-virtualization-host, ovirt-node, and rhev-hypervisor. Red Hat Virtualization Hosts (RHVH) are installed using a special build of Red Hat Enterprise Linux with only the packages required to host virtual machines. RHVH features a Cockpit user interface for monitoring the host's resources and performing administrative tasks. The ovirt-node-ng packages provide the Red Hat Virtualization Host. These packages include redhat-release-virtualization-host, ovirt-node, and rhev-hypervisor. Red Hat Virtualization Hosts (RHVH) are installed using a special build of Red Hat Enterprise Linux with only the packages required to host virtual machines. RHVH features a Cockpit user interface for monitoring the host's resources and performing administrative tasks. Security Fix(es) : * yum-utils: reposync: improper path validation may lead to directory traversal (CVE-2018-10897) For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section. Red Hat would like to thank Jay Grizzard (Clover Network) and Aaron Levy (Clover Network) for reporting this issue. Bug fix : * This update rebases imgbased to version 1.0.24. This update fixes the issue with removing broken symlinks when synchronizing layers. (BZ#1598781) (BZ# 1622025)
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 117323
    published 2018-09-06
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=117323
    title RHEL 7 : Virtualization (RHSA-2018:2626)
  • NASL family Oracle Linux Local Security Checks
    NASL id ORACLELINUX_ELSA-2018-2284.NASL
    description From Red Hat Security Advisory 2018:2284 : An update for yum-utils is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. The yum-utils packages provide a collection of utilities and examples for the yum package manager to make yum easier and more powerful to use. Security Fix(es) : * yum-utils: reposync: improper path validation may lead to directory traversal (CVE-2018-10897) For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section. Red Hat would like to thank Jay Grizzard (Clover Network) and Aaron Levy (Clover Network) for reporting this issue.
    last seen 2019-02-21
    modified 2018-10-17
    plugin id 111482
    published 2018-08-02
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=111482
    title Oracle Linux 6 : yum-utils (ELSA-2018-2284)
redhat via4
advisories
  • bugzilla
    id 1600221
    title CVE-2018-10897 yum-utils: reposync: improper path validation may lead to directory traversal
    oval
    AND
    • OR
      • comment Red Hat Enterprise Linux 6 Client is installed
        oval oval:com.redhat.rhba:tst:20111656001
      • comment Red Hat Enterprise Linux 6 Server is installed
        oval oval:com.redhat.rhba:tst:20111656002
      • comment Red Hat Enterprise Linux 6 Workstation is installed
        oval oval:com.redhat.rhba:tst:20111656003
      • comment Red Hat Enterprise Linux 6 ComputeNode is installed
        oval oval:com.redhat.rhba:tst:20111656004
    • OR
      • AND
        • comment yum-NetworkManager-dispatcher is earlier than 0:1.1.30-42.el6_10
          oval oval:com.redhat.rhsa:tst:20182284057
        • comment yum-NetworkManager-dispatcher is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20182284058
      • AND
        • comment yum-plugin-aliases is earlier than 0:1.1.30-42.el6_10
          oval oval:com.redhat.rhsa:tst:20182284021
        • comment yum-plugin-aliases is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20182284022
      • AND
        • comment yum-plugin-auto-update-debug-info is earlier than 0:1.1.30-42.el6_10
          oval oval:com.redhat.rhsa:tst:20182284045
        • comment yum-plugin-auto-update-debug-info is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20182284046
      • AND
        • comment yum-plugin-changelog is earlier than 0:1.1.30-42.el6_10
          oval oval:com.redhat.rhsa:tst:20182284009
        • comment yum-plugin-changelog is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20182284010
      • AND
        • comment yum-plugin-fastestmirror is earlier than 0:1.1.30-42.el6_10
          oval oval:com.redhat.rhsa:tst:20182284039
        • comment yum-plugin-fastestmirror is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20182284040
      • AND
        • comment yum-plugin-filter-data is earlier than 0:1.1.30-42.el6_10
          oval oval:com.redhat.rhsa:tst:20182284011
        • comment yum-plugin-filter-data is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20182284012
      • AND
        • comment yum-plugin-fs-snapshot is earlier than 0:1.1.30-42.el6_10
          oval oval:com.redhat.rhsa:tst:20182284017
        • comment yum-plugin-fs-snapshot is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20182284018
      • AND
        • comment yum-plugin-keys is earlier than 0:1.1.30-42.el6_10
          oval oval:com.redhat.rhsa:tst:20182284033
        • comment yum-plugin-keys is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20182284034
      • AND
        • comment yum-plugin-list-data is earlier than 0:1.1.30-42.el6_10
          oval oval:com.redhat.rhsa:tst:20182284013
        • comment yum-plugin-list-data is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20182284014
      • AND
        • comment yum-plugin-local is earlier than 0:1.1.30-42.el6_10
          oval oval:com.redhat.rhsa:tst:20182284023
        • comment yum-plugin-local is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20182284024
      • AND
        • comment yum-plugin-merge-conf is earlier than 0:1.1.30-42.el6_10
          oval oval:com.redhat.rhsa:tst:20182284047
        • comment yum-plugin-merge-conf is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20182284048
      • AND
        • comment yum-plugin-ovl is earlier than 0:1.1.30-42.el6_10
          oval oval:com.redhat.rhsa:tst:20182284031
        • comment yum-plugin-ovl is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20182284032
      • AND
        • comment yum-plugin-post-transaction-actions is earlier than 0:1.1.30-42.el6_10
          oval oval:com.redhat.rhsa:tst:20182284025
        • comment yum-plugin-post-transaction-actions is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20182284026
      • AND
        • comment yum-plugin-priorities is earlier than 0:1.1.30-42.el6_10
          oval oval:com.redhat.rhsa:tst:20182284007
        • comment yum-plugin-priorities is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20182284008
      • AND
        • comment yum-plugin-protectbase is earlier than 0:1.1.30-42.el6_10
          oval oval:com.redhat.rhsa:tst:20182284019
        • comment yum-plugin-protectbase is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20182284020
      • AND
        • comment yum-plugin-ps is earlier than 0:1.1.30-42.el6_10
          oval oval:com.redhat.rhsa:tst:20182284037
        • comment yum-plugin-ps is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20182284038
      • AND
        • comment yum-plugin-remove-with-leaves is earlier than 0:1.1.30-42.el6_10
          oval oval:com.redhat.rhsa:tst:20182284041
        • comment yum-plugin-remove-with-leaves is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20182284042
      • AND
        • comment yum-plugin-rpm-warm-cache is earlier than 0:1.1.30-42.el6_10
          oval oval:com.redhat.rhsa:tst:20182284027
        • comment yum-plugin-rpm-warm-cache is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20182284028
      • AND
        • comment yum-plugin-security is earlier than 0:1.1.30-42.el6_10
          oval oval:com.redhat.rhsa:tst:20182284049
        • comment yum-plugin-security is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20182284050
      • AND
        • comment yum-plugin-show-leaves is earlier than 0:1.1.30-42.el6_10
          oval oval:com.redhat.rhsa:tst:20182284043
        • comment yum-plugin-show-leaves is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20182284044
      • AND
        • comment yum-plugin-tmprepo is earlier than 0:1.1.30-42.el6_10
          oval oval:com.redhat.rhsa:tst:20182284051
        • comment yum-plugin-tmprepo is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20182284052
      • AND
        • comment yum-plugin-tsflags is earlier than 0:1.1.30-42.el6_10
          oval oval:com.redhat.rhsa:tst:20182284029
        • comment yum-plugin-tsflags is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20182284030
      • AND
        • comment yum-plugin-upgrade-helper is earlier than 0:1.1.30-42.el6_10
          oval oval:com.redhat.rhsa:tst:20182284053
        • comment yum-plugin-upgrade-helper is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20182284054
      • AND
        • comment yum-plugin-verify is earlier than 0:1.1.30-42.el6_10
          oval oval:com.redhat.rhsa:tst:20182284035
        • comment yum-plugin-verify is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20182284036
      • AND
        • comment yum-plugin-versionlock is earlier than 0:1.1.30-42.el6_10
          oval oval:com.redhat.rhsa:tst:20182284005
        • comment yum-plugin-versionlock is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20182284006
      • AND
        • comment yum-updateonboot is earlier than 0:1.1.30-42.el6_10
          oval oval:com.redhat.rhsa:tst:20182284015
        • comment yum-updateonboot is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20182284016
      • AND
        • comment yum-utils is earlier than 0:1.1.30-42.el6_10
          oval oval:com.redhat.rhsa:tst:20182284055
        • comment yum-utils is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20182284056
    rhsa
    id RHSA-2018:2284
    released 2018-07-30
    severity Important
    title RHSA-2018:2284: yum-utils security update (Important)
  • bugzilla
    id 1600221
    title CVE-2018-10897 yum-utils: reposync: improper path validation may lead to directory traversal
    oval
    AND
    • OR
      • comment Red Hat Enterprise Linux 7 Client is installed
        oval oval:com.redhat.rhba:tst:20150364001
      • comment Red Hat Enterprise Linux 7 Server is installed
        oval oval:com.redhat.rhba:tst:20150364002
      • comment Red Hat Enterprise Linux 7 Workstation is installed
        oval oval:com.redhat.rhba:tst:20150364003
      • comment Red Hat Enterprise Linux 7 ComputeNode is installed
        oval oval:com.redhat.rhba:tst:20150364004
    • OR
      • AND
        • comment yum-NetworkManager-dispatcher is earlier than 0:1.1.31-46.el7_5
          oval oval:com.redhat.rhsa:tst:20182285047
        • comment yum-NetworkManager-dispatcher is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20182284058
      • AND
        • comment yum-plugin-aliases is earlier than 0:1.1.31-46.el7_5
          oval oval:com.redhat.rhsa:tst:20182285007
        • comment yum-plugin-aliases is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20182284022
      • AND
        • comment yum-plugin-auto-update-debug-info is earlier than 0:1.1.31-46.el7_5
          oval oval:com.redhat.rhsa:tst:20182285043
        • comment yum-plugin-auto-update-debug-info is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20182284046
      • AND
        • comment yum-plugin-changelog is earlier than 0:1.1.31-46.el7_5
          oval oval:com.redhat.rhsa:tst:20182285019
        • comment yum-plugin-changelog is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20182284010
      • AND
        • comment yum-plugin-copr is earlier than 0:1.1.31-46.el7_5
          oval oval:com.redhat.rhsa:tst:20182285045
        • comment yum-plugin-copr is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20182285046
      • AND
        • comment yum-plugin-fastestmirror is earlier than 0:1.1.31-46.el7_5
          oval oval:com.redhat.rhsa:tst:20182285049
        • comment yum-plugin-fastestmirror is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20182284040
      • AND
        • comment yum-plugin-filter-data is earlier than 0:1.1.31-46.el7_5
          oval oval:com.redhat.rhsa:tst:20182285013
        • comment yum-plugin-filter-data is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20182284012
      • AND
        • comment yum-plugin-fs-snapshot is earlier than 0:1.1.31-46.el7_5
          oval oval:com.redhat.rhsa:tst:20182285055
        • comment yum-plugin-fs-snapshot is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20182284018
      • AND
        • comment yum-plugin-keys is earlier than 0:1.1.31-46.el7_5
          oval oval:com.redhat.rhsa:tst:20182285027
        • comment yum-plugin-keys is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20182284034
      • AND
        • comment yum-plugin-list-data is earlier than 0:1.1.31-46.el7_5
          oval oval:com.redhat.rhsa:tst:20182285005
        • comment yum-plugin-list-data is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20182284014
      • AND
        • comment yum-plugin-local is earlier than 0:1.1.31-46.el7_5
          oval oval:com.redhat.rhsa:tst:20182285041
        • comment yum-plugin-local is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20182284024
      • AND
        • comment yum-plugin-merge-conf is earlier than 0:1.1.31-46.el7_5
          oval oval:com.redhat.rhsa:tst:20182285059
        • comment yum-plugin-merge-conf is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20182284048
      • AND
        • comment yum-plugin-ovl is earlier than 0:1.1.31-46.el7_5
          oval oval:com.redhat.rhsa:tst:20182285021
        • comment yum-plugin-ovl is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20182284032
      • AND
        • comment yum-plugin-post-transaction-actions is earlier than 0:1.1.31-46.el7_5
          oval oval:com.redhat.rhsa:tst:20182285053
        • comment yum-plugin-post-transaction-actions is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20182284026
      • AND
        • comment yum-plugin-pre-transaction-actions is earlier than 0:1.1.31-46.el7_5
          oval oval:com.redhat.rhsa:tst:20182285037
        • comment yum-plugin-pre-transaction-actions is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20182285038
      • AND
        • comment yum-plugin-priorities is earlier than 0:1.1.31-46.el7_5
          oval oval:com.redhat.rhsa:tst:20182285035
        • comment yum-plugin-priorities is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20182284008
      • AND
        • comment yum-plugin-protectbase is earlier than 0:1.1.31-46.el7_5
          oval oval:com.redhat.rhsa:tst:20182285039
        • comment yum-plugin-protectbase is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20182284020
      • AND
        • comment yum-plugin-ps is earlier than 0:1.1.31-46.el7_5
          oval oval:com.redhat.rhsa:tst:20182285057
        • comment yum-plugin-ps is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20182284038
      • AND
        • comment yum-plugin-remove-with-leaves is earlier than 0:1.1.31-46.el7_5
          oval oval:com.redhat.rhsa:tst:20182285051
        • comment yum-plugin-remove-with-leaves is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20182284042
      • AND
        • comment yum-plugin-rpm-warm-cache is earlier than 0:1.1.31-46.el7_5
          oval oval:com.redhat.rhsa:tst:20182285029
        • comment yum-plugin-rpm-warm-cache is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20182284028
      • AND
        • comment yum-plugin-show-leaves is earlier than 0:1.1.31-46.el7_5
          oval oval:com.redhat.rhsa:tst:20182285025
        • comment yum-plugin-show-leaves is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20182284044
      • AND
        • comment yum-plugin-tmprepo is earlier than 0:1.1.31-46.el7_5
          oval oval:com.redhat.rhsa:tst:20182285033
        • comment yum-plugin-tmprepo is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20182284052
      • AND
        • comment yum-plugin-tsflags is earlier than 0:1.1.31-46.el7_5
          oval oval:com.redhat.rhsa:tst:20182285015
        • comment yum-plugin-tsflags is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20182284030
      • AND
        • comment yum-plugin-upgrade-helper is earlier than 0:1.1.31-46.el7_5
          oval oval:com.redhat.rhsa:tst:20182285023
        • comment yum-plugin-upgrade-helper is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20182284054
      • AND
        • comment yum-plugin-verify is earlier than 0:1.1.31-46.el7_5
          oval oval:com.redhat.rhsa:tst:20182285011
        • comment yum-plugin-verify is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20182284036
      • AND
        • comment yum-plugin-versionlock is earlier than 0:1.1.31-46.el7_5
          oval oval:com.redhat.rhsa:tst:20182285009
        • comment yum-plugin-versionlock is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20182284006
      • AND
        • comment yum-updateonboot is earlier than 0:1.1.31-46.el7_5
          oval oval:com.redhat.rhsa:tst:20182285031
        • comment yum-updateonboot is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20182284016
      • AND
        • comment yum-utils is earlier than 0:1.1.31-46.el7_5
          oval oval:com.redhat.rhsa:tst:20182285017
        • comment yum-utils is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhsa:tst:20182284056
    rhsa
    id RHSA-2018:2285
    released 2018-07-30
    severity Important
    title RHSA-2018:2285: yum-utils security update (Important)
  • rhsa
    id RHSA-2018:2626
rpms
  • yum-NetworkManager-dispatcher-0:1.1.30-42.el6_10
  • yum-plugin-aliases-0:1.1.30-42.el6_10
  • yum-plugin-auto-update-debug-info-0:1.1.30-42.el6_10
  • yum-plugin-changelog-0:1.1.30-42.el6_10
  • yum-plugin-fastestmirror-0:1.1.30-42.el6_10
  • yum-plugin-filter-data-0:1.1.30-42.el6_10
  • yum-plugin-fs-snapshot-0:1.1.30-42.el6_10
  • yum-plugin-keys-0:1.1.30-42.el6_10
  • yum-plugin-list-data-0:1.1.30-42.el6_10
  • yum-plugin-local-0:1.1.30-42.el6_10
  • yum-plugin-merge-conf-0:1.1.30-42.el6_10
  • yum-plugin-ovl-0:1.1.30-42.el6_10
  • yum-plugin-post-transaction-actions-0:1.1.30-42.el6_10
  • yum-plugin-priorities-0:1.1.30-42.el6_10
  • yum-plugin-protectbase-0:1.1.30-42.el6_10
  • yum-plugin-ps-0:1.1.30-42.el6_10
  • yum-plugin-remove-with-leaves-0:1.1.30-42.el6_10
  • yum-plugin-rpm-warm-cache-0:1.1.30-42.el6_10
  • yum-plugin-security-0:1.1.30-42.el6_10
  • yum-plugin-show-leaves-0:1.1.30-42.el6_10
  • yum-plugin-tmprepo-0:1.1.30-42.el6_10
  • yum-plugin-tsflags-0:1.1.30-42.el6_10
  • yum-plugin-upgrade-helper-0:1.1.30-42.el6_10
  • yum-plugin-verify-0:1.1.30-42.el6_10
  • yum-plugin-versionlock-0:1.1.30-42.el6_10
  • yum-updateonboot-0:1.1.30-42.el6_10
  • yum-utils-0:1.1.30-42.el6_10
  • yum-NetworkManager-dispatcher-0:1.1.31-46.el7_5
  • yum-plugin-aliases-0:1.1.31-46.el7_5
  • yum-plugin-auto-update-debug-info-0:1.1.31-46.el7_5
  • yum-plugin-changelog-0:1.1.31-46.el7_5
  • yum-plugin-copr-0:1.1.31-46.el7_5
  • yum-plugin-fastestmirror-0:1.1.31-46.el7_5
  • yum-plugin-filter-data-0:1.1.31-46.el7_5
  • yum-plugin-fs-snapshot-0:1.1.31-46.el7_5
  • yum-plugin-keys-0:1.1.31-46.el7_5
  • yum-plugin-list-data-0:1.1.31-46.el7_5
  • yum-plugin-local-0:1.1.31-46.el7_5
  • yum-plugin-merge-conf-0:1.1.31-46.el7_5
  • yum-plugin-ovl-0:1.1.31-46.el7_5
  • yum-plugin-post-transaction-actions-0:1.1.31-46.el7_5
  • yum-plugin-pre-transaction-actions-0:1.1.31-46.el7_5
  • yum-plugin-priorities-0:1.1.31-46.el7_5
  • yum-plugin-protectbase-0:1.1.31-46.el7_5
  • yum-plugin-ps-0:1.1.31-46.el7_5
  • yum-plugin-remove-with-leaves-0:1.1.31-46.el7_5
  • yum-plugin-rpm-warm-cache-0:1.1.31-46.el7_5
  • yum-plugin-show-leaves-0:1.1.31-46.el7_5
  • yum-plugin-tmprepo-0:1.1.31-46.el7_5
  • yum-plugin-tsflags-0:1.1.31-46.el7_5
  • yum-plugin-upgrade-helper-0:1.1.31-46.el7_5
  • yum-plugin-verify-0:1.1.31-46.el7_5
  • yum-plugin-versionlock-0:1.1.31-46.el7_5
  • yum-updateonboot-0:1.1.31-46.el7_5
  • yum-utils-0:1.1.31-46.el7_5
refmap via4
confirm
sectrack 1041594
Last major update 01-08-2018 - 13:29
Published 01-08-2018 - 13:29
Last modified 30-11-2018 - 16:33